Category: Security Blog G Data Software AG

If YARA signatures for .NET assemblies only rely on strings, they are very limited. We explore more detection opportunities, including IL code, method signature definitions and specific custom attributes. Knowledge about the underlying .NET metadata structures, tokens and streams helps…

Read more →

If YARA signatures for .NET assemblies only rely on strings, they are very limited. We explore more detection opportunities, including IL code, method signature definitions and specific custom attributes. Knowledge about the underlying .NET metadata structures, tokens and streams helps…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Security Blog G Data Software AG Read the original article: Vidar Stealer: Revealing A New Deception Strategy

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Security Blog G Data Software AG Read the original article: Smoked out – Emmenhtal spreads SmokeLoader malware

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Security Blog G Data Software AG Read the original article: Smoked out – Emmenhtal spreads SmokeLoader malware

Read more →

In the ever-evolving landscape of advanced persistent threats (APTs), the notorious financial cybercrime group FIN7 has added another sophisticated tool to their arsenal. We have recently discovered a new Python-based backdoor, called “AnubisBackdoor”, being deployed in their latest campaigns. This…

Read more →

In the ever-evolving landscape of advanced persistent threats (APTs), the notorious financial cybercrime group FIN7 has added another sophisticated tool to their arsenal. We have recently discovered a new Python-based backdoor, called “AnubisBackdoor”, being deployed in their latest campaigns. This…

Read more →

Cybercriminals are taking advantage of the increased demand in travel by setting up fake booking sites, phishing scams and fraudulent listings to trick unsuspecting travelers. This article has been indexed from Security Blog G Data Software AG Read the original…

Read more →

Fake recruiters are currently on the hunt for CVs – and also your data. Reports have emerged about malware being put into work assignments that supposedly test a candidate’s technical skills. This article has been indexed from Security Blog G…

Read more →

Fake recruiters are currently on the hunt for CVs – and also your data. Reports have emerged about malware being put into work assignments that supposedly test a candidate’s technical skills. This article has been indexed from Security Blog G…

Read more →

We all make mistakes. That is only natural. However, there are cases in which these mistakes can have unexpected consequences. A Twitter user recently found this out the hard way. The ingredients: a cheap USB-C adapter with a network connection,…

Read more →

Criminals try to cover their tracks as best they can. This also includes hiding any activities that control the machines they have compromised. Using I2P is one way of doing that, but until recently this has rarely been used. This…

Read more →

We discovered a Windows rootkit loader [F1] for the malware family FK_Undead. The malware family is known for intercepting user network traffic through manipulation of proxy configurations. To the best of our knowledge the rootkit loader hasn’t been officially analyzed…

Read more →

We discovered a Windows rootkit loader [F1] for the malware family FK_Undead. The malware family is known for intercepting user network traffic through manipulation of proxy configurations. To the best of our knowledge the rootkit loader hasn’t been officially analyzed…

Read more →

Recently, we uncovered a sophisticated attack campaign employing a multi-stage approach to deliver AsyncRAT via a legitimate platform called Bitbucket. This article has been indexed from Security Blog G Data Software AG Read the original article: Malware by the (Bit)Bucket:…

Read more →

How useful are Generative AI technologies when it comes to being used in a security context? We have taken the plunge and gave it a try. This article has been indexed from Security Blog G Data Software AG Read the…

Read more →

How useful are Generative AI technologies when it comes to being used in a security context? We have taken the plunge and gave it a try. This article has been indexed from Security Blog G Data Software AG Read the…

Read more →

We break down the full infection chain of the Brazilian-targeted threat BBTok and demonstrate how to deobfuscate the loader DLL using PowerShell, Python, and dnlib. This article has been indexed from Security Blog G Data Software AG Read the original…

Read more →

Automatic sandbox services should not be treated like “antivirus scanners” to determine maliciousness for samples. That’s not their intended use, and they perform poorly in that role. Unfortunately, providing an “overall score” or “verdict” is misleading. This article has been…

Read more →

We discovered a new stealer in the wild called ‘”Ailurophile Stealer”. The stealer is coded in PHP and the source code indicates potential Vietnamese origins. It is available for purchase through a subscription model via its own webpage. Through the…

Read more →